<?php 

$con=new mysqli("localhost","root","","blog") or die("<p>connect failed</P>");
$con->set_charset("utf8");
$table=$con->query("select * from usr");



// var_dump($table);
    // header('Content-type:text/html; charset=utf-8');
    
	session_start();
 

	if (isset($_POST)) {

		$usrname = htmlentities(trim($_POST['usrname']));
		$passwd = htmlentities(trim($_POST['passwd']));

		if (($usrname == '') || ($passwd == '')) {
			header('refresh:3; url=login.php');
			echo "用户名或密码不能为空，系统将在3秒后返回登录界面，请重新登录";
			exit;
        } 

        while($record=$table->fetch_assoc()){
            if (($usrname == $record['usrname']) && ($passwd != $record['passwd'])) {
                header('refresh:3; url=login.php');
                echo "密码错误，系统将在3秒后返回登录界面，请重新登录";
                exit;
            } 
            
            elseif(($usrname == $record['usrname']) && ($passwd == $record['passwd'])){
                # 用户名和密码都正确,将用户信息存到Session中
                $_SESSION['usrname'] = $usrname;
                $_SESSION['islogin'] = 1;

                if ($_POST['remember'] == "yes") {
                    setcookie('usrname', $usrname, time()+7*24*60*60);
                    setcookie('code', md5($usrname.md5($passwd)), time()+7*24*60*60);
                } 
                
                else {
                    setcookie('usrname', '', time()-999);
                    setcookie('code', '', time()-999);
                }
                
                header("location:index.php?id=".$usrname);
                // header("url:index.php?id=$username");
                exit;
             }
        
        }

        header('refresh:3; url=login.php');
        echo "用户名不存在，系统将在3秒后返回登录界面，请重新登录";
        exit;
        

        

    }
    
$con->close();
 ?>
